From c663217b00cd4b782fcd72ceb606525474a80bb3 Mon Sep 17 00:00:00 2001
From: alena <alena@cloud.com>
Date: Mon, 20 Jun 2011 10:32:19 -0700
Subject: [PATCH] bug 9642: listVms by regular user using domainId parameter
 will work only when domainId specified is the domainId the caller belongs to.
 status 9642: resolved fixed

---
 server/src/com/cloud/vm/UserVmManagerImpl.java | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 9c5b9d57c79..71f775818f8 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -79,6 +79,7 @@ import com.cloud.configuration.ResourceCount.ResourceType;
 import com.cloud.configuration.dao.ConfigurationDao;
 import com.cloud.configuration.dao.ResourceLimitDao;
 import com.cloud.dc.DataCenter;
+import com.cloud.dc.DataCenter.NetworkType;
 import com.cloud.dc.DataCenterVO;
 import com.cloud.dc.HostPodVO;
 import com.cloud.dc.dao.AccountVlanMapDao;
@@ -2970,6 +2971,10 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
                 }
             }
         } else {
+            //regular user can't specify any other domain rather than his own
+            if (domainId != null && domainId.longValue() != caller.getDomainId()) {
+                throw new PermissionDeniedException("Caller is not authorised to see domain id=" + domainId + " entries");
+            }
             accountId = caller.getId();
         }